Allow to enable git protocol version 2 for upload pack
When receive.enableProtocolV2 is set to true, set the necessary extra parameters on the UploadPack to tell JGit to handle the request with protocol v2. Note that according to JGit's implementation, the git config on the repository on the server must also be configured to use protocol v2. This can be achieved either by setting it globally in the gerrit user's ~/.gitconfig or per repository in the repository's .git/config: [protocol] version = 2 Test plan: - Set protocol.version to 2 in the project's server-side config (or in the gerrit user's ~/.gitconfig) - Clone the project over SSH or HTTP - From the client, run: GIT_TRACE_PACKET=1 git -c protocol.version=2 ls-remote (one can also configure this permanently on the local project by running `git config protocol.version 2`) - Observe the packet output including: git< version 2 Feature: Issue 9046 Helped-by: David Ostrovsky <david@ostrovsky.org> Helped-by: Jonathan Nieder <jrn@google.com> Change-Id: I30290e8f060c1ee11b170aac2baeed10f213aad1
This commit is contained in:
parent
48827f6916
commit
437d7ef616
|
@ -3806,6 +3806,20 @@ link:https://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.ht
|
|||
If no keys are specified, web-of-trust checks are disabled. This is the
|
||||
default behavior.
|
||||
|
||||
[[receive.enableProtocolV2]]receive.enableProtocolV2::
|
||||
+
|
||||
Enable support for git protocol version 2.
|
||||
+
|
||||
When this option is enabled, clients may send upload pack using git
|
||||
protocol version 2.
|
||||
+
|
||||
The repository must also be configured on the server side to use protocol
|
||||
version 2 by setting `protocol.version = 2` either in the gerrit user's
|
||||
`~/.gitconfig` file (which will enable it for all repositories) or on
|
||||
a per repository basis by setting the option in the `.git/config` file
|
||||
of the repository.
|
||||
+
|
||||
Defaults to false, git protocol version 2 is not enabled.
|
||||
|
||||
[[repository]]
|
||||
=== Section repository
|
||||
|
|
|
@ -49,6 +49,7 @@ import com.google.inject.TypeLiteral;
|
|||
import com.google.inject.name.Named;
|
||||
import java.io.IOException;
|
||||
import java.time.Duration;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
@ -258,6 +259,13 @@ public class GitOverHttpServlet extends GitServlet {
|
|||
up.setTimeout(config.getTimeout());
|
||||
up.setPreUploadHook(PreUploadHookChain.newChain(Lists.newArrayList(preUploadHooks)));
|
||||
up.setPostUploadHook(PostUploadHookChain.newChain(Lists.newArrayList(postUploadHooks)));
|
||||
if (config.enableProtocolV2()) {
|
||||
String header = req.getHeader("Git-Protocol");
|
||||
if (header != null) {
|
||||
String[] params = header.split(":");
|
||||
up.setExtraParameters(Arrays.asList(params));
|
||||
}
|
||||
}
|
||||
ProjectState state = (ProjectState) req.getAttribute(ATT_STATE);
|
||||
for (UploadPackInitializer initializer : uploadPackInitializers) {
|
||||
initializer.init(state.getNameKey(), up);
|
||||
|
|
|
@ -29,6 +29,7 @@ public class TransferConfig {
|
|||
private final long maxObjectSizeLimit;
|
||||
private final String maxObjectSizeLimitFormatted;
|
||||
private final boolean inheritProjectMaxObjectSizeLimit;
|
||||
private final boolean enableProtocolV2;
|
||||
|
||||
@Inject
|
||||
TransferConfig(@GerritServerConfig Config cfg) {
|
||||
|
@ -45,6 +46,7 @@ public class TransferConfig {
|
|||
maxObjectSizeLimitFormatted = cfg.getString("receive", null, "maxObjectSizeLimit");
|
||||
inheritProjectMaxObjectSizeLimit =
|
||||
cfg.getBoolean("receive", "inheritProjectMaxObjectSizeLimit", false);
|
||||
enableProtocolV2 = cfg.getBoolean("receive", "enableProtocolV2", false);
|
||||
|
||||
packConfig = new PackConfig();
|
||||
packConfig.setDeltaCompress(false);
|
||||
|
@ -72,4 +74,8 @@ public class TransferConfig {
|
|||
public boolean inheritProjectMaxObjectSizeLimit() {
|
||||
return inheritProjectMaxObjectSizeLimit;
|
||||
}
|
||||
|
||||
public boolean enableProtocolV2() {
|
||||
return enableProtocolV2;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -29,6 +29,8 @@ import org.eclipse.jgit.lib.Repository;
|
|||
import org.kohsuke.args4j.Argument;
|
||||
|
||||
public abstract class AbstractGitCommand extends BaseCommand {
|
||||
private static final String GIT_PROTOCOL = "GIT_PROTOCOL";
|
||||
|
||||
@Argument(index = 0, metaVar = "PROJECT.git", required = true, usage = "project name")
|
||||
protected ProjectState projectState;
|
||||
|
||||
|
@ -45,9 +47,11 @@ public abstract class AbstractGitCommand extends BaseCommand {
|
|||
protected Repository repo;
|
||||
protected Project.NameKey projectName;
|
||||
protected Project project;
|
||||
protected String gitProtocol;
|
||||
|
||||
@Override
|
||||
public void start(Environment env) {
|
||||
gitProtocol = env.getEnv().get(GIT_PROTOCOL);
|
||||
Context ctx = context.subContext(newSession(), context.getCommandLine());
|
||||
final Context old = sshScope.set(ctx);
|
||||
try {
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
|
||||
package com.google.gerrit.sshd.commands;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.gerrit.extensions.registration.DynamicSet;
|
||||
import com.google.gerrit.extensions.restapi.AuthException;
|
||||
|
@ -52,7 +53,6 @@ final class Upload extends AbstractGitCommand {
|
|||
PermissionBackend.ForProject perm =
|
||||
permissionBackend.user(user).project(projectState.getNameKey());
|
||||
try {
|
||||
|
||||
perm.check(ProjectPermission.RUN_UPLOAD_PACK);
|
||||
} catch (AuthException e) {
|
||||
throw new Failure(1, "fatal: upload-pack not permitted on this server");
|
||||
|
@ -65,6 +65,9 @@ final class Upload extends AbstractGitCommand {
|
|||
up.setPackConfig(config.getPackConfig());
|
||||
up.setTimeout(config.getTimeout());
|
||||
up.setPostUploadHook(PostUploadHookChain.newChain(Lists.newArrayList(postUploadHooks)));
|
||||
if (config.enableProtocolV2() && gitProtocol != null) {
|
||||
up.setExtraParameters(ImmutableList.of(gitProtocol));
|
||||
}
|
||||
|
||||
List<PreUploadHook> allPreUploadHooks = Lists.newArrayList(preUploadHooks);
|
||||
allPreUploadHooks.add(
|
||||
|
|
Loading…
Reference in New Issue